﻿<%
'打开访问权限，用于访问控制
hu_access = True
%><!--#include file="h.asp"--><%
'
'	七色虎建站系统
'	用户密码取回页面
'	2012.9.11

Sub main
	Dim a,userid,rs,body_,user_
	Dim qsid,ans,questionList_,pass
	hu.title = "重置密码"
	body_ = "[div=nav]-"&hu.url("?aid=index","首页")&"-重置密码[/div]"
	a=getN("a", 0)
	If a=0 Then
		body_ = body_ &"选择重置密码的途径：<br/>1、" &hu.url("bbs_forget.asp?a=1","通过验证密保重置密码") &"<br/>2、"&_
			hu.url("guest.asp?act=add","没有密保，给管理员留言")
		
	ElseIf a=1 Then
		Set rs=hu.conn("select id,question from 74hu_passwordask order by id")
		If Not rs.eof Then
			While Not rs.eof
				If questionList_="" Then questionList_=rs("id")
				questionList_ = questionList_ & "||" & rs("id") &"$$" & rs("question")
				rs.movenext
			Wend
		Else
			rupt "错误","系统发生错误，请与管理员联系"
		End If
		Set rs=Nothing
		Dim formarray(5)
		formarray(0) = http_path&"bbs_forget.asp||post||提交||用户名或ID号：<br/>"
		formarray(1) = "input||user$$$$18$$20||<br/>问题："
		formarray(2) = "select||qs$$"&questionList_&"||<br/>答案：<br/>"
		formarray(3) = "input||ans$$$$18$$20||<br/>新密码：<br/>"
		formarray(4) = "input||pass$$$$18$$20||<br/>"
		formarray(5) = "hidden||a$$11||"&bbsSid&"$$"&sid&"||"
		body_ = body_ & hu.getForm(formarray) &"<br/>"
	Elseif a=11 Then'初设密保
		qsid=getN("qs", 1)
		user_=getD("user", "")
		ans=getD("ans", "")
		pass=getD("pass", "")
		If user_="" Or ans="" Or pass="" Then rupt "错误", "所有内容都不能为空！"
		If len(pass)>16 Or len(pass)<2 Then rupt "错误",  "密码最短2位，最长16位！"
		Set rs=hu.conn("select top 1 id from 74hu_passwordask where id="&qsid)
		If rs.eof Then rupt "错误", "请选择密保问题"
		Set rs=Nothing
		If IsNumeric(user_) Then
			Set rs=hu.conn("select top 1 id from 74hu_user where id="&user_)
			If rs.eof Then
				rupt "错误", "用户不存在"& hu.url("bbs_forget.asp?a=1", "返回重写")
			End If
			userid=user_
		Else
			Set rs=hu.conn("select top 1 id from 74hu_user where name='"&user_&"'")
			If rs.eof Then
				rupt "错误", "用户不存在"& hu.url("bbs_forget.asp?a=1", "返回重写")
			End If
			userid=rs("id")
		End If
		Set rs=Nothing
		setSecret_=ifSetSecret(userid)'是否设置了密保
		If Not setSecret_ Then
			'未设密保
			body_ = body_ & "密保验证失败，请联系管理员"
		Else
			'已设密保
			Set rs=hu.conn("select top 1 id from 74hu_password where userid="&userid&" and ask1="&qsid&" and ans1='"&ans&"'")
			If Not rs.eof Then
				sid=getOnlySid()'登录时生成正确的唯一sid
				hu.conn("update 74hu_user set [password]='"&pass&"',sid='"&sid&"' where id="&userid)
				body_ = body_ &"密保修改成功！请牢记密码："&pass&"<br/>"
			Else
				body_ = body_ &"密保验证失败，请认真填写<br/>"& hu.url("bbs_forget.asp?a=1", "返回重写")
			End If
		End If
	Else
		
		body_ = body_ & "密保设置成功！请牢记密保信息<br/>"
	End If
	hu.body = comUbb(body_)
End Sub

%>